From owner-freebsd-security Fri Apr 28 22:21:36 2000 Delivered-To: freebsd-security@freebsd.org Received: from tsolab.org (dnn.rockefeller.edu [129.85.40.126]) by hub.freebsd.org (Postfix) with ESMTP id 0729C37B87F for ; Fri, 28 Apr 2000 22:21:33 -0700 (PDT) (envelope-from dan@tsolab.org) Received: from tsolab.org (ts007d07.sun-fl.concentric.net [206.173.68.67]) by tsolab.org (8.8.7/8.8.7) with SMTP id BAA17065; Sat, 29 Apr 2000 01:11:26 -0400 (EDT) (envelope-from dan@tsolab.org) Message-ID: <390A7095.368ACB80@tsolab.org> Date: Sat, 29 Apr 2000 01:18:14 -0400 From: Dan Tso Reply-To: dan@tsolab.org Organization: The Rockefeller University X-Mailer: Mozilla 4.51 [en] (Win95; U) X-Accept-Language: en MIME-Version: 1.0 To: Fabio da Silva Cunha Cc: freebsd-security@FreeBSD.ORG Subject: Re: e-mail auditing in sendmail 8.9.3/8.10.1 References: <3.0.6.32.20000429012053.014f1ec0@mymail.com.br> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I need to copy all mail processed (in / out) through my mail server > (FreeBSD/Sendmail) to one user account (auditor@mydomain.com.br) it's > possible with sendmail 8.9.3/8.10.1 ? > > - For incoming, i used the /etc/alias file, but for outgoing i don't have a > solution. :( This is really a question for the sendmail forums and it comes up all the time. At least when I researched it, the basic message was that sendmail doesn't come with a canned solution for this (logging outgoing mail) on purpose, primarily due to invasion of privacy issues felt by the core developers/maintainers. However there are possibilities: 1) obviously, used something other than sendmail. I believe qmail and postfix provide this feature, 2) there is a C source level hack to include this feature in sendmail which has been posted to USENET, 3) you can alter the sendmail.cf file to do it, either using something like procmail, or sendmail itself. This method, while not the most efficient, is the easiest. I am using a version of solution 3, modified from an example posted to USENET (which didn't seem to be completely tested as far as I could tell). The nasties are like if you ever do bulk mailing (mailing lists, etc), you may want an escape mechanism to avoid 1000's of copies of the same email in your log file. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message